Nicolas Dichtel wrote:
Hi,
I've a question about source address selection in HAAD Reply message.
Here is the topology:
MN1X
|
--------+-------+--------------- Link1X
|
R1
|
--------+-------+----------------------- Link1
|
RUT
|
- - - - + - - - - - - - - - - - - - - - Link0
I'd also say that RUT (your HA) should send the DHAAD Reply having the
src field as its address on Link0.
I think the choice on Link0 or Link1 address may have implications on
how secure DHAAD works. The address in src of Reply being different than
the address on the Reply payload may be not good for IPsec SA.
Alex
RUT is a Home Agent and the Home Link is Link0. Let's call RUT(Link1)
the unicast address sets of the interface connected to Link1 and
RUT(Link0) the unicast address sets to the interface connected to Link0.
MN1X sends a HAAD Request message to its home agent (RUT). The
destination address of this message is an anycast address. When RUT
sends the HAAD Reply message, which source address must be
used ? RUT(Link1) or RUT(Link0) ?
RFC3775 Section 10.5 just says:
"A home agent receiving a
Home Agent Address Discovery Request message that serves this subnet
SHOULD return an ICMP Home Agent Address Discovery Reply message to
the mobile node with the Source Address of the Reply packet set to
one of the global unicast addresses of the home agent."
Following RFC3484, I think that rules #5 (Prefer outgoing interface) in
Section 4 is reached. But, there is some cases, like for ICMP ECHO Reply
(RFC 4443 Section 4.2), where source address must be the destination
address of the request message. In our case, the destination address is
an anycast address (assigned to the interface attached to Link0) and,
following the RFC2526 Section 1, the packet is delivered to RUT(Link0):
"The anycast address may be assigned to one or more network interfaces
(typically on different nodes), with the network delivering each
packet addressed to this address to the "nearest" interface based on
the notion of "distance" determined by the routing protocols in use."
So, it's not clear which source address must/can be used. For example,
the TAHI tests suite expects the use of RUT(Link0).
Regards,
Nicolas
_______________________________________________
Mip6 mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/mip6
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
